(54) Virtual smart card

(57) Smart card technology is in the process of emerging as a fundamental advance in computer security. A Virtual Smart Card emulates a real smart card by providing an identical interface and services. However, a Virtual Smart Card has no physical manifestation; any smart card-aware application can seamlessly inter-operate with either a real smart card or a Virtual Smart Card. A Virtual Smart Card Server or a duplication-protected physical media communicates with the Virtual Smart Card in order to activate or to deactivate the Virtual Smart Card.
Description

[0001] The invention deals with Smart Card technology. This technology is in the process of emerging as a fundamental advance in computer security. As smart cards become commonplace, computer users will enjoy the full benefits of cryptographic services without worrying about keeping the confidentiality of their cryptographic keys.

Background to the Invention

Duplication Protected Media

[0002] A media is said to be duplication-protected if it is exceedingly difficult for an unauthorized person to build an exact duplicate. Examples of duplication-protected media are smart cards, Dongles, and non-reproducible CDs (Optical Media Authenticity Verification: DiscGuard™ [http://www.ttr.co.il/discguard.htm]).

[0003] A Dongle in the past was a piece of hardware which can be connected to a Personal Computer (PC). Those Dongles can be substituted by means described in the Patent application EP97710011.4. A Dongle has an encryption key called the DongleKey. It is exceedingly difficult to attack a Dongle and extract the DongleKey. For this reason, it is exceedingly difficult to build an exact copy of a Dongle.

[0004] One can copy protect software with a Dongle using the technique illustrated in Figure 14.

1201: The software vendor generates a list of random numbers.

1202: The software vendor attaches a Dongle to his or her machine and asks the Dongle to encrypt each random number using the DongleKey. The software vendor creates a table, e.g. 1203, of the encryption results. For example, when the Dongle encrypts the value 23928, the result is 90873. When the Dongle encrypts the value 98709, the result is 98199.

1204: The software vendor encodes the table into the software to be protected. The software includes code that communicates with the Dongle. This code instructs the protected software how to execute steps 1206 through 1211.

1205: The software vendor sends the protected software to an end-user.

1206: The end-user receives the protected software. Upon each execution, the software randomly chooses a value from the table, e.g., the third value is 89766.

1207: The protected software sends the random value to the Dongle and requests encryption using the DongleKey.

1208: The Dongle returns the encrypted value, e.g., 09876.

1209: The protected software compares the result received from the Dongle with the expected value in the table. If the comparison fails, then the end-user does not prove that he or she has the required Dongle, and the program stops 1210. Otherwise, the program continues with its normal execution 1211 and periodically repeats starting with step 1206. It is exceedingly difficult to perform the encryption step without the aid of the Dongle, because one cannot perform the encryption without first obtaining the DongleKey.
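The following simulation of steps 1201 through 1211 is an added example; it is not code from the patent. The page does not name the cipher inside the Dongle, so the Dongle's "encryption with the DongleKey" is stood in for by a keyed HMAC-SHA256 reduced to a five-digit number (so the answers look like the page's 23928 → 90873); the DongleKey and the table size are constructed values.

```python
import hashlib
import hmac
import secrets


class Dongle:
    """Holds the DongleKey. The key never leaves the device; callers only
    see the result of encrypt() (constructed stand-in for the real cipher)."""

    def __init__(self, dongle_key: bytes):
        self._key = dongle_key

    def encrypt(self, value: int) -> int:
        # Keyed HMAC-SHA256 reduced to a 5-digit number, standing in for the
        # unnamed Dongle cipher. Without the key nobody can compute this.
        digest = hmac.new(self._key, str(value).encode(), hashlib.sha256).digest()
        return int.from_bytes(digest[:4], "big") % 100000


def vendor_build_table(dongle: Dongle, count: int) -> list:
    """Steps 1201-1203: random challenges and the Dongle's answers. The
    vendor later embeds this table in the protected software (step 1204)."""
    table = []
    for _ in range(count):
        challenge = secrets.randbelow(100000)
        table.append((challenge, dongle.encrypt(challenge)))
    return table


def protected_software_check(table: list, attached_dongle) -> bool:
    """Steps 1206-1209: pick a table entry at random, ask whatever Dongle is
    attached, and compare with the vendor's recorded answer. Returns False
    (step 1210, stop) when no Dongle is attached or the answer differs."""
    challenge, expected = table[secrets.randbelow(len(table))]
    if attached_dongle is None:
        return False
    return attached_dongle.encrypt(challenge) == expected


if __name__ == "__main__":
    genuine = Dongle(b"constructed-dongle-key")
    table = vendor_build_table(genuine, 8)
    print("genuine dongle attached:", protected_software_check(table, genuine))
    print("no dongle attached     :", protected_software_check(table, None))
    print("counterfeit dongle     :", protected_software_check(table, Dongle(b"guessed-key")))
```

The table only ever holds challenge/answer pairs, never the DongleKey, which is why copying the software does not help: each run needs a fresh answer from the device. A practitioner would note the scheme's weak point is the size of the table, since an attacker who records every challenge/answer pair while a Dongle is attached can replay them; that is why step 1209 repeats periodically and why the vendor should use many entries.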

Readerless Device

[0005] A readerless device is a particular kind of duplication-protected media that has no electronic connection with a computer. For example, the SecurID™ device is a mobile device with an LED display. Periodically (each minute or two) the mobile device performs a cryptographic operation and displays a new challenge key. It is exceedingly difficult to predict the next challenge key before the next display. As a result, it is exceedingly difficult to duplicate the device.

[0006] A similar function is implemented on a central server which generates the same sequence of challenge keys while precisely synchronizing with the mobile device. The owner of the mobile device reads the LED display and sends the current challenge key to the central server. If the central server validates that the challenge key matches the one generated by the server during the current time period, then the central server authenticates the owner of the device.

Smart Card

[0007] From an end-user's perspective, a smart card has three states: in-use, idle, and destroyed. A smart card is in-use whenever the end-user inserts the smart card into his or her machine. An in-use smart card can execute cryptographic algorithms or other smart card services. An important property of a smart card is that it stores cryptographic keys securely - rendering it impossible for an unauthorized party to construct an exact duplicate. Thus, a smart card is a duplication-protected media. An idle smart card performs no services. A common place to store an idle smart card is in an owner's pocket. A destroyed smart card is one that the owner misplaces or destroys, e.g., the owner accidentally drops the smart card between the cushions of a couch. After searching for the destroyed smart card the owner can either find the card or report the card as missing. The smart card issuing authority can either replace the destroyed smart card with an identical copy, or invalidate the lost smart card and issue a complete replacement.

[0008] One promising application of Smart Card technology is license and copy protection (LCP) as described in EP97710011.4. When the owner inserts his or her smart card, copy protected programs execute; and when the owner removes the smart card, the copy protected programs stop. So, the smart card acts as a "digital ignition key" that serves an analogous purpose to the ignition key in an automobile. A second promising application of Smart Card technology is Internet authentication. The owner authenticates him or herself to a remote machine by proving that he or she has the required smart card.

[0009] A problem with smart card technology is its inherent expense and logistic overhead. One cannot use a smart card until one physically attaches a computer to a smart card reader.

[0010] This problem is solved by the features of claim 1 and claim 10.

[0011] The invention presents a bridge technology called Virtual Smart Card which emulates a real smart card by providing an identical interface and collection of services. However, a Virtual Smart Card has no physical manifestation. Any smart card-aware application can seamlessly inter-operate with either a real smart card or a Virtual Smart Card.

[0012] Although a Virtual Smart Card has no physical manifestation, a Virtual Smart Card emulates all three of the real smart card's states. An owner can insert a Virtual Smart Card with the effect that the Virtual Smart Card's state changes from idle to in-use. An owner can remove a Virtual Smart Card to change the state back from in-use to idle. After removing the Virtual Smart Card from one machine, the owner can potentially insert the Virtual Smart Card into a different machine. The owner cannot insert the Virtual Smart Card in the second machine until the owner removes the Virtual Smart Card from the first machine. If the owner's machine crashes, the owner may potentially lose his or her Virtual Smart Card. In this case, the owner usually can recover the lost Virtual Smart Card. However, in some rare cases, the Virtual Smart Card disappears and the owner must report the loss to the Virtual Smart Card issuing authority. The issuing authority responds in accordance with its policy, i.e., replacing the lost Virtual Smart Card with either an exact duplicate or a complete replacement.

[0013] The issuing authority operates a central trusted server called a Virtual Smart Card Server (VSC Server). The VSC Server maintains a database of all Virtual Smart Cards including the respective states and cryptographic keys. A Virtual Smart Card owner performs an insert operation by sending a request to the VSC Server for his or her Virtual Smart Card. The VSC Server mediates the request by first authenticating the owner and the Virtual Smart Card's implementation; and then validating that the requested Virtual Smart Card is currently in the idle state. If the authentication and mediation succeed, then the VSC Server updates the database to indicate that the Virtual Smart Card is in-use. The VSC Server then permits the owner to use the Virtual Smart Card. When the Virtual Smart Card owner performs a remove operation, the Virtual Smart Card disables itself, securely sends a remove request to the VSC Server, and then shuts itself down. When the VSC Server receives a remove request, the VSC Server resets the Virtual Smart Card's state in the database to idle.

[0014] An alternative to the communication between the Virtual Smart Card and the Virtual Smart Card Server is presented in claim 10. The Virtual Smart Card Reader communicates with a Dongle (or some other duplication-protected physical media). A duplication protected physical media has the property that it is exceedingly difficult for an unauthorized attacker to construct a copy of the media. The Virtual Smart Card is a copy protected program that executes only if permitted by the Dongle. If the end-user attaches the Dongle to the machine, then the Virtual Smart Card executes; otherwise, the Virtual Smart Card stops.

[0015] A special extension to the claimed Virtual Smart Card is to augment the user authentication mechanism with a reader-less authentication device.

[0016] The advantage of this extension is excellent authentication at a low cost. The benefit is that the Virtual Smart Card architecture effectively extends the functionality of the reader-less device to include encryption.

[0017] As claimed, one promising application of Virtual Smart Card technology is license and copy protection (LCP). When the owner inserts his or her Virtual Smart Card, copy protected programs execute; and when the owner removes the Virtual Smart Card, the copy protected programs stop. So, the Virtual Smart Card acts as a "digital ignition key" that serves an analogous purpose to the ignition key in an automobile. A second promising application of Virtual Smart Card technology is Internet authentication. A common architecture exploited by many of today's enterprises is a corporate Intranet connected to the Internet via a firewall. In this architecture, an Intranet-located VSC Server distributes Virtual Smart Cards to machines physically located behind the corporate firewall. Once an owner inserts his or her Virtual Smart Card, the owner can exploit the Virtual Smart Card's cryptographic services to securely connect to Internet servers or Extranets, or generate digital signatures.

[0018] For a more complete understanding of the present invention and for further advantages thereof, reference is now made to the following Description of the Preferred Embodiments taken in conjunction with the accompanying Drawings in which:

FIG. 1 is a block diagram of the present system architecture of the virtual smart card system;

FIG. 2 is a schematic representation of a master executing protocol;

FIG. 3 is a schematic representation of an enterprise that operates a VSC Server behind its firewall;

FIG. 4 is a schematic representation of the states which a Virtual Smart Card can get;

FIG. 5 is a schematic representation of the present system architecture of the virtual smart card system with a great deal of Virtual Smart Cards;

FIG. 6 is a block diagram of the insert operation of a Virtual Smart Card;

FIG. 7 is a schematic representation of a channel establishment between a Virtual Smart Card Server and a Virtual Smart Card;

FIG. 8 is a block diagram of the authentication process of a Virtual Smart Card;

FIG. 9 is a detail of block diagram FIG. 8 showing the authentication process for user authentication;

FIG. 10 is a schematic representation of a detail of block diagram FIG. 8 showing the implementation authentication;

FIG. 11 is a block diagram of the remove operation;

FIG. 12 is a block diagram of the recover operation;

FIG. 13 is a block diagram of the entire communication process between the Virtual Smart Card Server and the Virtual Smart Card;

FIG. 14 is a block diagram of the method using Duplication Protected Media;

FIG. 15 is a block diagram of the present system architecture of the virtual smart card system using no network connection.

50 

Implementation/Architecture

Human Interface

[0019] When a Virtual Smart Card owner executes the insert operation, a program prompts the owner for a password. When the owner executes the remove operation, the Virtual Smart Card program stops executing. Once the owner removes the Virtual Smart Card, the owner may travel to a different machine and insert the Virtual Smart Card there.

[0020] If the owner loses the Virtual Smart Card, the owner executes a recover program. The recover program prompts the owner for a password. The recover program then provides a success or error code to the owner depending upon the state of the recovery.

[0021] Both the insert and recover programs derive two symmetric keys from the owner's password. The programs compute a hash algorithm, e.g. MD5 (Menezes, A., van Oorschot, P., and Vanstone, S., Handbook of Applied Cryptography, CRC Press, Boca Raton 1996), over the password and a well-known, hardcoded SALT value. The first half of the hash result is an authentication key and the second half of the hash result is a protection key.

[0022] The purpose of the authentication key is to securely identify the owner to a VSC Server. The purpose of the protection key is to encrypt protected information that the Virtual Smart Card uploads to the VSC Server; and decrypt protected information that the Virtual Smart Card downloads from the VSC Server. The protection key ensures that no operator of the VSC Server can discover or modify a Virtual Smart Card's protected information.

System Architecture

[0023] Figure 1 illustrates the Virtual Smart Card architecture. Smart card aware user application 1 communicates with the "smart card" via the DLLs of a smart card service provider 2. The smart card service provider 2 relies upon the services of the Smart Card Resource Manager 3 which communicates with a Smart Card Reader Helper Driver 4 and a Virtual Smart Card Reader Driver 9.

[0024] As opposed to a physical smart card reader, a Virtual Smart Card Reader 5 is virtual hardware acting as an emulator that passes information to and from a Virtual Smart Card 6. Additionally, the Virtual Smart Card Reader 5 communicates with a Virtual Smart Card Server 8 (VSC Server) via a network 7, e.g., an Intranet, Extranet, or the Internet.

Protected Information

[0025] A Virtual Smart Card 6 stores protected information that it guards in terms of confidentiality and integrity. The most important example of protected information is a private key used for digital signatures, decryption, key management, and possibly other purposes. Other examples of protected information include counters used in software rental applications, and confidential information used by healthcare providers.

[0026] The VSC Server 8 stores all protected information in its database (encrypted using the respective protection keys). When a Virtual Smart Card owner inserts a Virtual Smart Card 6, the VSC Server 8 downloads the protected information; and when the owner removes a Virtual Smart Card 6, the Virtual Smart Card 6 uploads the updated protected information to the VSC Server 8.

Encrypted Memory

[0027] Immediately after performing the insert operation, the Virtual Smart Card 6 generates a new, temporary symmetric key. Next the Virtual Smart Card 6 decrypts the protected information using the protection key and re-encrypts the information using the temporary key. When performing the remove operation, if an update is required, the Virtual Smart Card decrypts the protected information using the temporary key and then re-encrypts the information using the protection key. The Virtual Smart Card 6 uploads the re-encrypted information to the VSC Server 8.

[0028] During the relatively short periods in which the Virtual Smart Card 6 needs the protected information, the Virtual Smart Card 6 decrypts the information using the temporary key. Next, the Virtual Smart Card 6 performs processing as required. If the processing modifies the protected information, then the Virtual Smart Card re-encrypts the information using the temporary key. Finally, the Virtual Smart Card 6 zeros out the plain text image. The Virtual Smart Card 6 repeats this procedure each time that it uses the protected information.

Volatile Memory

[0029] The Virtual Smart Card 6 stores its encrypted protected information in volatile memory (not shown) of the data processing unit or machine, e.g. a personal computer, where it runs. Before the Virtual Smart Card 6 exits, it explicitly zeros out all of its volatile memory used to store the protected information.

Wired Memory

[0030] A Virtual Smart Card 6 wires the memory that stores protected information. The wire operation precludes the memory from being paged out to swap space, e.g. at a hard disk of a personal computer.

Polling

[0031] A Virtual Smart Card 6 periodically polls its machine to ensure that an attacker has not copied the Virtual Smart Card 6 to a different machine. The Virtual Smart Card 6 stores a Machine Unique Key (MUK) in volatile memory. Periodically, the Virtual Smart Card 6 obtains a new MUK from the machine. If the new MUK does not match the old MUK, then the Virtual Smart Card 6 detects an attempted attack and exits. The MUK is a hash of information that uniquely identifies the machine, e.g., network address, machine name, number of sectors on each fixed disk, and size of swap space.

[0032] The Virtual Smart Card 6 performs a similar procedure using its Process ID. If the Virtual Smart Card 6 notices during polling that the queried Process ID does not match the stored Process ID, then the Virtual Smart Card 6 immediately exits.

[0033] The Virtual Smart Card periodically polls its host machine for the time of day. The Virtual Smart Card 6 compares its expectation with the result of the polling. If the result does not reasonably match expectations, then the Virtual Smart Card 6 shuts itself down by executing the remove operation. For example, if the Virtual Smart Card 6 polls the machine approximately every hour, then the Virtual Smart Card 6 would detect an error if the elapsed time between polling exceeds ninety minutes.
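The three self-checks of [0031] through [0033], as an added example that is not the patent's code. The machine attributes, the process id and the clock are passed in as parameters so the checks run offline and the failure paths can be exercised; the attribute values are constructed, the hash is SHA-256 (the page does not name one for the MUK), and the one-hour poll interval with a ninety-minute tolerance follows the page's example.

```python
import hashlib

# The page's example: poll roughly every hour, treat more than ninety
# minutes between polls as an error.
EXPECTED_POLL_SECONDS = 60 * 60
MAX_ELAPSED_SECONDS = 90 * 60

# Constructed machine attributes of the kind [0031] lists.
SAMPLE_ATTRS = {
    "network_address": "00:11:22:33:44:55",
    "machine_name": "workstation-17",
    "fixed_disk_sectors": [4096000, 2048000],
    "swap_space_bytes": 268435456,
}


def machine_unique_key(attrs: dict) -> bytes:
    """MUK: hash over a canonical serialisation of the identifying attributes,
    so the same machine always yields the same key and any change alters it."""
    canonical = "|".join(f"{k}={attrs[k]!r}" for k in sorted(attrs))
    return hashlib.sha256(canonical.encode("utf-8")).digest()


class PollingCard:
    """The polling state a Virtual Smart Card keeps in volatile memory."""

    def __init__(self, attrs: dict, pid: int, now: float):
        self.muk = machine_unique_key(attrs)   # [0031]
        self.pid = pid                         # [0032]
        self.last_poll = now                   # [0033]

    def poll(self, attrs: dict, pid: int, now: float) -> str:
        """One polling round. Returns 'ok', or the action the card takes:
        'exit' when the image appears to have been copied or re-hosted,
        'remove' when the clock does not match expectations."""
        if machine_unique_key(attrs) != self.muk:
            return "exit: machine unique key changed"
        if pid != self.pid:
            return "exit: process id changed"
        elapsed = now - self.last_poll
        if elapsed < 0 or elapsed > MAX_ELAPSED_SECONDS:
            return "remove: elapsed time does not match expectations"
        self.last_poll = now
        return "ok"


if __name__ == "__main__":
    card = PollingCard(SAMPLE_ATTRS, pid=4242, now=0.0)
    for hour in range(1, 4):
        print(hour, card.poll(SAMPLE_ATTRS, 4242, hour * EXPECTED_POLL_SECONDS))
    moved = dict(SAMPLE_ATTRS, machine_name="other-host")
    print("copied image:", card.poll(moved, 4242, 4 * EXPECTED_POLL_SECONDS))
```

The backwards-clock case (`elapsed < 0`) is not spelled out on the page but falls under "does not reasonably match expectations"; a card that was suspended and resumed, or whose host clock was set back, cannot trust its own timing of the channel and should remove itself rather than continue. Note that attributes such as the network address are settable by a machine owner, so the MUK raises the cost of copying an image rather than making it impossible.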

Virtual Smart Card (VSC) Server

[0034] The VSC Server 8 is a trusted application which maintains a database. It has to supervise one or more Virtual Smart Cards 6. In order to make the supervision possible each Virtual Smart Card 6 has the following records:

Serial Number: The serial number is a unique identifier of a Virtual Smart Card 6.

State: The state variable stores exactly one of the following values: in-use, idle, and destroyed. If state has the value in-use, then the VSC Server 8 recognizes that a Virtual Smart Card 6 has been inserted but not yet removed. The idle state indicates that the Virtual Smart Card 6 has been removed. The destroyed state indicates that the Virtual Smart Card 6 is no longer valid. The state of a destroyed Virtual Smart Card 6 never changes.

MUK: The MUK is a machine unique key. If the state is either idle or destroyed, then the MUK gets the NULL value. If the state is in-use, then the MUK value gets the MUK of the currently executing machine.

Protected Information: The protected information contains information that the Virtual Smart Card 6 protects against attack. Examples of protected information are confidential encryption keys, or the state of electronic counters. The owner's protection key encrypts the protected information. Normally, the VSC Server 8 operators do not have access to an owner's protection key.

Protected Channel Info: If the state of the Virtual Smart Card 6 is idle or destroyed, then the protected channel info gets the NULL value. If the state is in-use, then the Protected Channel Info gets the encryption key and other state information of a protected channel through which the Virtual Smart Card 6 and the VSC Server 8 communicate.

Authorization Info: The authorization information stores all information required to authorize a Virtual Smart Card 6, e.g., the hash of the authorization key. An example hash algorithm is the so called MD5.

[0035] The insert operation enables a Virtual Smart Card 6 on exactly one computer. The VSC Server 8 sets the state of the Virtual Smart Card 6 to in-use and refuses all subsequent insert requests for the same Virtual Smart Card 6 until the VSC Server 8 receives a corresponding remove request. The following five steps: Channel Establishment, Authentication, Machine Unique Code, Machine Lock and Download present the details:
Channel Establishment

[0036] Channel establishment builds a protected communication link between the Virtual Smart Card 6 and the VSC Server 8. The channel establishment protocol is a transport layer security protocol, e.g., Secure Socket Layer SSL [SSL version 3.0]. In this protocol, the VSC Server 8 has a well-known public key and a corresponding confidential private key. The Virtual Smart Card 6 generates a new symmetric key called a session key and encrypts the session key using the VSC Server's public key. The VSC Server 8 discovers the session key by applying its private key. The protected channel consists of information communicated between the two parties that is encrypted using the session key. Note that a good implementation of a protected communication channel, e.g., SSL, provides protection against cryptanalysis, e.g., playback.

[0037] The VSC Server 8 and the Virtual Smart Card 6 use this protected channel for all subsequent communication. In other words, the VSC Server 8 and the Virtual Smart Card 6 encrypt all future communications using the session key. The subsequent communication includes the insert operation and the remove operation. The session key disappears when the Virtual Smart Card program exits.

Authentication

[0038] The Virtual Smart Card 6 authenticates its owner and its own implementation to the VSC Server 8. The purpose of the owner authentication is to ensure that an attacker cannot steal someone else's Virtual Smart Card 6. The purpose of implementation authentication is to ensure that an attacker cannot build a leaky Virtual Smart Card 6 emulator. Such a leaky emulator would be used by an attacker to authenticate as a real Virtual Smart Card 6 and subsequently leak the protected information.

User Authentication

[0039] Using a hash function, e.g., MD5, denoted by h, the Virtual Smart Card 6 computes h(authentication key). The Virtual Smart Card 6 uploads the hash result to the VSC Server 8. The VSC Server 8 authenticates the Virtual Smart Card 6 only if the VSC Server 8 can validate the hash.

[0040] Since the protected channel encrypts all information communicated between the Virtual Smart Card 6 and the VSC Server 8, there is no possibility that an attacker can steal the authentication key or its hash. The protected channel additionally guards against cryptanalysis attacks, e.g., playback.
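The key derivation of [0021] together with the user-authentication check of [0039], as an added example that is not the patent's code. The page names MD5; this block uses SHA-256 instead (an assumption, so each half of the digest is 16 bytes), and the well-known SALT value is constructed. The VSC Server's Authorization Info record holds only h(authentication key); the protection key never reaches the server.

```python
import hashlib
import hmac

# The well-known, hardcoded SALT of [0021]; this value is constructed.
SALT = b"VSC-example-salt"


def derive_keys(password: str):
    """Hash the password together with SALT; the first half of the digest is
    the authentication key, the second half the protection key ([0021])."""
    digest = hashlib.sha256(password.encode("utf-8") + SALT).digest()
    half = len(digest) // 2
    return digest[:half], digest[half:]


def h(data: bytes) -> bytes:
    """The hash function h of [0039] (SHA-256 here, MD5 on the page)."""
    return hashlib.sha256(data).digest()


class AuthorizationInfo:
    """The VSC Server's Authorization Info record: it stores only
    h(authentication key), never the key itself or the protection key."""

    def __init__(self, password_at_issue: str):
        auth_key, _protection_key = derive_keys(password_at_issue)
        self.auth_hash = h(auth_key)

    def authenticate(self, uploaded_hash: bytes) -> bool:
        # Constant-time comparison so a wrong hash fails uniformly.
        return hmac.compare_digest(uploaded_hash, self.auth_hash)


def insert_program_authenticates(record: AuthorizationInfo, password: str) -> bool:
    """What the insert (or recover) program does: derive the keys from the
    typed password and upload h(authentication key) over the protected channel."""
    auth_key, _protection_key = derive_keys(password)
    return record.authenticate(h(auth_key))


if __name__ == "__main__":
    record = AuthorizationInfo("correct-passphrase")
    print("right password:", insert_program_authenticates(record, "correct-passphrase"))
    print("wrong password:", insert_program_authenticates(record, "wrong-passphrase"))
```

Because the SALT is a single well-known constant, two owners with the same password derive the same keys and h(authentication key) can be precomputed from a password list; a deployment today would use a per-owner salt and a deliberately slow derivation such as PBKDF2 or scrypt, and would still keep the protection key off the server as the page requires.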

Virtual Smart Card Authentication

[0041] The Virtual Smart Card 6 authenticates its own implementation using any or all of a variety of different techniques such as Embedded Shared Key, Keyfile Authentication and/or One-Time Algorithm as described below.
[0042] A shared key called Master is embedded into all Virtual Smart Cards 6. Each Virtual Smart Card 6 proves that it has the Master key by executing the protocol illustrated in Figure 2. First, the VSC Server 8 generates a unique random number rm1, and sends this random number rm1 to the Virtual Smart Card 6. Next, the Virtual Smart Card 6 generates a second random number rm2 and computes the hash, e.g., MD5, of rm1, rm2, and Master. The Virtual Smart Card 6 returns the random numbers rm1, rm2, and the result of the hash to the VSC Server 8. The VSC Server 8 then re-computes the hash and compares for equality. The VSC Server 8 passes this authentication step if and only if the comparison succeeds and the Virtual Smart Card 6 returns the correct hash result within a short time period, e.g., 30 seconds.

[0043] The embedded shared key authentication step securely authenticates a Virtual Smart Card 6 only if the Virtual Smart Card's Master key remains confidential. However, if a hacker were to disassemble a Virtual Smart Card 6 and discover the Master, then the hacker could break the security of all Virtual Smart Cards. As a result, the VSC Server 8 performs the second authentication step described below.
[0044] The Virtual Smart Card 6 obtains a license and copy protection (LCP)-compliant keyfile which contains the Virtual Smart Card's public key and a confidential authentication string as1, e.g., a 128-bit random number. The keyfile is signed using the VSC Server's private key and is encrypted using a proprietary symmetric algorithm. Systems using a keyfile are known from the Patent application EP97710011.4.

[0045] A software vendor locates the customer's public keying material and embeds the customer's public keying material into a keyfile and sends the keyfile to the customer by electronic mail. Once the customer installs the keyfile, the protection mechanism permits the customer to execute the protected software (provided that the customer can prove that he or she has access to the customer's private keying material via a probabilistic proof). The creation of the keyfile is performed by a keyfile generator, which is a program that executes at the vendor's facility. The vendor must take care to guard this program.

[0046] The Virtual Smart Card 6 decrypts the keyfile and validates the signature. Next, the Virtual Smart Card 6 decrypts and discovers the plaintext key as1. Next, the VSC Server 8 and the Virtual Smart Card 6 repeat the protocol described above in conjunction with Figure 2 with one exception. The VSC Server 8 and the Virtual Smart Card 6 substitute the confidential authentication string as1 for the master key.

[0047] The advantage of keyfile authentication is that the attacker does not compromise all Virtual Smart Cards by breaking the security of a single keyfile.

[0048] Any implementation of a Virtual Smart Card 6 should authenticate itself using both forms of authentication described above if a high grade of security assurance is wanted. However, in order to provide the best security assurance, one should additionally implement the advanced form of authentication listed below.
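The Figure 2 protocol of [0042] with both sides written out, as an added example that is not the patent's code. The same two classes serve the keyfile authentication of [0046], since the only difference is which secret is handed to them (Master, or the as1 string recovered from the keyfile). Assumptions: SHA-256 in place of the page's MD5, length-prefixed hashing of the three fields so their boundaries cannot shift, a server-side table of outstanding rm1 values so each challenge is answered at most once, and an injectable clock for the 30-second window named on the page; the secret values are constructed.

```python
import hashlib
import hmac
import secrets

TIME_LIMIT_SECONDS = 30  # the page's example window


def response_hash(rm1: bytes, rm2: bytes, secret: bytes) -> bytes:
    """hash(rm1, rm2, secret); each field is length-prefixed so that
    (rm1, rm2) pairs with different boundaries cannot collide."""
    digest = hashlib.sha256()
    for part in (rm1, rm2, secret):
        digest.update(len(part).to_bytes(2, "big") + part)
    return digest.digest()


class VscServerChallenger:
    """VSC Server side: issues rm1, verifies (rm1, rm2, hash) in time."""

    def __init__(self, secret: bytes, now):
        self._secret = secret     # Master, or the card's as1
        self._now = now           # callable returning seconds
        self._pending = {}        # rm1 -> time issued

    def challenge(self) -> bytes:
        rm1 = secrets.token_bytes(16)
        self._pending[rm1] = self._now()
        return rm1

    def verify(self, rm1: bytes, rm2: bytes, digest: bytes) -> bool:
        issued = self._pending.pop(rm1, None)   # unknown or already-used rm1 fails
        if issued is None or self._now() - issued > TIME_LIMIT_SECONDS:
            return False
        return hmac.compare_digest(digest, response_hash(rm1, rm2, self._secret))


class VirtualSmartCardProver:
    """Virtual Smart Card side: answers rm1 with rm2 and the hash."""

    def __init__(self, secret: bytes):
        self._secret = secret     # embedded Master, or as1 from the keyfile

    def respond(self, rm1: bytes):
        rm2 = secrets.token_bytes(16)
        return rm1, rm2, response_hash(rm1, rm2, self._secret)


def run_protocol(server: VscServerChallenger, card: VirtualSmartCardProver) -> bool:
    """One full exchange of Figure 2."""
    rm1 = server.challenge()
    return server.verify(*card.respond(rm1))


if __name__ == "__main__":
    import time
    master = b"constructed-master-key"
    server = VscServerChallenger(master, time.monotonic)
    print("genuine card:", run_protocol(server, VirtualSmartCardProver(master)))
    print("leaky emulator without Master:", run_protocol(server, VirtualSmartCardProver(b"guess")))
```

Keeping rm1 server-side and discarding it on first use is what makes a recorded (rm1, rm2, hash) triple worthless when replayed, which is the property [0043] relies on; the time limit bounds how long an outstanding challenge can sit in the table.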

One-Time Algorithm

[0049] The VSC Server 8 authenticates a Virtual Smart Card 6 with the aid of mobile agents and automated code generation. A mobile agent is an executable code segment that passes between different machines, e.g., an ActiveX control. Automated code generation is a vehicle by which one can generate a new executable at run-time. The automated code generator produces Virtual Smart Cards 6 according to a template which ensures that all Virtual Smart Cards 6 are identical in all but two respects:

Authentication: Each Virtual Smart Card 6 has a unique authentication function, f. This function accepts a randomly generated number as input and produces a number as output. This output is suitable for deriving a key used in a symmetric encryption.

Wrapper: The portion of the Virtual Smart Card 6 executable that implements f is encrypted (with a hardcoded symmetric key). Immediately before executing f, the Virtual Smart Card 6 executable locates the hardcoded key and performs the required decryption. The Virtual Smart Card 6 zeros out the plaintext implementation of f immediately after execution.

[0050] At runtime, the VSC Server 8 generates two random numbers, x and y. The VSC Server 8 computes the following result:

w = E[x, f(y)],

where E is a symmetric encryption function, e.g., DES, x is a plaintext value, and f(y) is a value used to derive an encryption key. In other words, the VSC Server 8 computes w by encrypting x using the result of the computation f(y). The VSC Server 8 passes w and y to the Virtual Smart Card 6. Authentication succeeds only if the Virtual Smart Card 6 can discover x using the following decryption step within a short time period, e.g., 30 seconds:

x = D[w, f(y)].

That is, the Virtual Smart Card 6 decrypts w using a key derived from the result of the computation f(y).

[0051] No two Virtual Smart Cards share the same function, f. Furthermore, no two installs of the same Virtual Smart Card 6 share the same function f. Each implementation of f should vary in terms of both operations and parameters. Furthermore, each implementation of f should be rather imposing from the perspective of a reverse engineering attack. An example specification of f is provided below:

f(y) = 28734y lcos(yrdy 23


[0052] An imposing function, f, would frustrate an attacker. The VSC Server 8 can quickly generate the required implementation given the aid of a good mathematics tool which automatically generates "C" implementations. For example, we specified the example function, f, using "Mathcad", Homepage ref: http://www.mathsoft.com/mathcad/ - a commercially available tool. Using this tool we were able to generate ten examples of imposing functions in just a few minutes.

EP0 936 530A1
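The One-Time Algorithm of [0049] through [0051] carried through end to end, as an added example that is not the patent's code. Assumptions: the per-install function f is produced by a small generator that builds an integer polynomial from constructed coefficients (the page's f is a calculus expression emitted by a mathematics tool; the point demonstrated is that server and card share a function no other install has); E and D are a one-time XOR of x with the SHA-256 digest of f(y), standing in for the DES named on the page; the 30-second window follows the page and the clock is injectable so the timeout can be exercised.

```python
import hashlib
import hmac
import secrets

TIME_LIMIT_SECONDS = 30
MODULUS = 2**61 - 1   # prime, keeps f(y) inside 8 bytes


def make_f(coefficients):
    """Automated generation of a per-install f: a polynomial with these
    coefficients evaluated mod MODULUS (Horner's rule). A new install gets
    new coefficients, so no two installs share the same f ([0051])."""
    def f(y: int) -> int:
        acc = 0
        for c in coefficients:
            acc = (acc * y + c) % MODULUS
        return acc
    return f


def key_from(fy: int) -> bytes:
    """Derive the symmetric key from the result of the computation f(y)."""
    return hashlib.sha256(fy.to_bytes(8, "big")).digest()


def E(x: bytes, fy: int) -> bytes:
    """E[x, f(y)]: one-time XOR pad under key_from(f(y)); x is 32 bytes."""
    return bytes(a ^ b for a, b in zip(x, key_from(fy)))


D = E   # for an XOR pad, D[w, f(y)] is the same operation as E


class OneTimeServer:
    """VSC Server side of [0050]: picks x and y, sends w = E[x, f(y)] and y."""

    def __init__(self, f, now):
        self._f, self._now = f, now
        self._x, self._issued = None, None

    def challenge(self):
        x = secrets.token_bytes(32)
        y = secrets.randbelow(MODULUS)
        self._x, self._issued = x, self._now()
        return E(x, self._f(y)), y

    def verify(self, x_recovered: bytes) -> bool:
        if self._x is None:
            return False
        in_time = self._now() - self._issued <= TIME_LIMIT_SECONDS
        ok = in_time and hmac.compare_digest(x_recovered, self._x)
        self._x = None          # each challenge is answerable once
        return ok


class OneTimeCard:
    """Virtual Smart Card side: recovers x = D[w, f(y)] with its own f."""

    def __init__(self, f):
        self._f = f

    def answer(self, w: bytes, y: int) -> bytes:
        return D(w, self._f(y))


if __name__ == "__main__":
    import time
    f_install = make_f([3, 17, 29, 101])       # constructed coefficients
    server, card = OneTimeServer(f_install, time.monotonic), OneTimeCard(f_install)
    w, y = server.challenge()
    print("genuine install:", server.verify(card.answer(w, y)))
    w, y = server.challenge()
    print("other install  :", server.verify(OneTimeCard(make_f([5, 1, 2])).answer(w, y)))
```

With a real block cipher in place of the XOR pad the structure is the same: the card never learns x except by evaluating its own f on the fresh y, so an emulator that lacks this install's f cannot answer, and the server discards x after one verification so a recorded answer cannot be reused.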
Machine Unique Code

[0053] After successful authentication, the Virtual Smart Card 6 generates a Machine Unique Key (MUK) and uploads the MUK to the VSC Server 8. The VSC Server 8 uses the MUK in the recover operation described in a following section.

Machine Lock

[0054] The Virtual Smart Card 6 exclusively locks a well-known resource on the local machine. This lock ensures that only a single copy of the Virtual Smart Card 6 executes on the machine and its operating system at any point in time. An example of a lock on Windows 95™ or Windows NT™ is an absolute path of a registry entry opened for exclusive access. The first Virtual Smart Card 6 to open the registry gets the lock and any subsequent Virtual Smart Card 6 process must wait until the first process releases the lock. In the event of a machine or process crash, the operating system automatically releases the lock.

Download 

[0055] rf the state of the Virtual Smart Card 6 as 
recorded in the VSC Sender's 8 database is idle, then 
the VSC Server 8 resets the state to in-use; otherwise, 
the VSC Server 8 retums failure. Upon success, the 
VSC Server 8 downk>ads all of the Virtual Smart Card's 
protected information through the protected channel. 
This information potentially includes confidential 
encryption keys, secured counters. 
[0056] At this point the Virtual Smart Card 6 has been 
inserted arxJ is ready for use. 

Remove 

[0057] At any time after successfully performing an insert operation, a Virtual Smart Card 6 may perform the remove operation (using the protected channel established during the insert operation). First, the Virtual Smart Card 6 disables itself by refusing all requests for services. Next, the Virtual Smart Card 6 sends a remove request to the VSC Server 8 which uploads the protected information (encrypted using the protection key). Upon receipt of a remove request, the VSC Server 8 resets its corresponding database entry to idle and returns a success acknowledgment. Next, the Virtual Smart Card 6 unlocks the local machine lock, zeros out the protected information, and shuts itself down. 

Recover 

[0058] The insert/remove protocol does not prohibit an owner from losing his or her Virtual Smart Card 6. If the insert operation succeeds but the corresponding remove operation fails, then the VSC Server 8 continues to mark the Virtual Smart Card 6 as in-use despite the fact that the outstanding Virtual Smart Card 6 no longer executes. The Virtual Smart Card 6 owner can request to return the state of the Virtual Smart Card 6 to idle by executing the recover operation. The constraint is that one must execute the recover operation upon the machine that lost the Virtual Smart Card 6. 

[0059] The recover operation begins using the same initialization as the insert operation, including channel establishment, authentication, MUK, and machine lock. The VSC Server 8 checks that the provided MUK equals the MUK as stored by the last insert operation. If the check succeeds, then the VSC Server 8 resets the state in the database of the Virtual Smart Card 6 to idle. 
[0060] The recover operation is secure because it ensures that no machine currently has an outstanding instance of the Virtual Smart Card 6. The MUK check ensures that the VSC Server 8 and the requesting machine agree upon the machine that last executed the successful insert operation. The machine lock ensures that this machine is not executing any other copy of the Virtual Smart Card 6. As a result, the recover operation executes successfully only if no outstanding instance of the in-use Virtual Smart Card 6 exists. 
[0061] In rare cases, the Virtual Smart Card 6 protocol can lead to a catastrophic failure: a lost, unrecoverable Virtual Smart Card 6. This state occurs when a Virtual Smart Card 6 cannot execute a recover operation. For example, consider a Virtual Smart Card 6 that executes upon a machine that exhibits a severe, catastrophic failure such as an unrecoverable disk error. In this case, it is possible that the MUK check could fail when it should succeed. 

[0062] In the case of a catastrophic failure, the VSC Server 8 must deal with the same situation as a real smart card owner who physically loses his or her real smart card. Depending upon the VSC Server's 8 policy, the VSC Server 8 can choose how to issue the new Virtual Smart Card 6. 

Applications of the Virtual Smart Card 

[0063] One may deploy Virtual Smart Card 6 technology in almost any system that uses real smart cards. This section presents some examples. 

Software Copy Protection 

[0064] The Software License and Copy Protection system LCP prohibits software from executing unless an end-user can produce a licensed private key. A keyfile issued by the software vendor (or another authorized party) encodes the license. Security countermeasures ensure that an attacker cannot forge a keyfile which contains a public key. At runtime, a copy protected program asks for a proof that the end-user has a licensed private key. The copy protected program validates the proof using the public key stored in the keyfile. 
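The keyfile and proof-of-possession check just described, as an added example that is not code from the patent or from any product it names: the vendor signs a keyfile binding the licensee's public key to the license terms, the copy protected program verifies that signature with an embedded vendor key, then challenges the Virtual Smart Card to sign a fresh nonce and verifies the signature with the public key taken from the keyfile. Ed25519, the JSON keyfile layout, the `Keyfile`/`Program` names, the constructed product name and the expiry field (standing in for the "permitted execution period" of a Try-Before-Buy demo) are all assumptions made here.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"encoding/json"
	"errors"
	"fmt"
	"time"
)

// Keyfile is what the vendor issues: the licensee's public key plus the license
// terms, signed with the vendor's key so that it cannot be forged or altered.
// The layout is constructed for this example.
type Keyfile struct {
	LicenseePub ed25519.PublicKey `json:"licensee_pub"`
	Product     string            `json:"product"`
	ExpiresUnix int64             `json:"expires_unix"` // 0 means no expiry; a demo keyfile sets one
	Signature   []byte            `json:"signature"`    // vendor signature over the fields above
}

// signedBody is the canonical byte string the vendor signature covers.
func (k *Keyfile) signedBody() []byte {
	b, _ := json.Marshal([]any{k.LicenseePub, k.Product, k.ExpiresUnix})
	return b
}

// IssueKeyfile is the vendor side: bind the licensee's public key and terms under the vendor key.
func IssueKeyfile(vendorPriv ed25519.PrivateKey, licenseePub ed25519.PublicKey, product string, expires int64) *Keyfile {
	k := &Keyfile{LicenseePub: licenseePub, Product: product, ExpiresUnix: expires}
	k.Signature = ed25519.Sign(vendorPriv, k.signedBody())
	return k
}

// Program is the copy protected program: it embeds the vendor's public key and
// its own product name, and consults a clock so demo expiry can be tested.
type Program struct {
	VendorPub ed25519.PublicKey
	Product   string
	Now       func() time.Time
}

var (
	ErrBadKeyfile = errors.New("keyfile is not a valid vendor-signed keyfile for this product")
	ErrExpired    = errors.New("license period has ended")
	ErrBadProof   = errors.New("proof of the licensed private key failed")
)

// Challenge produces the fresh nonce the Virtual Smart Card must sign.
func (p *Program) Challenge() ([]byte, error) {
	nonce := make([]byte, 32)
	_, err := rand.Read(nonce)
	return nonce, err
}

// CardSign stands in for the Virtual Smart Card's signing service; the private
// key stays inside the card and only the signature comes out.
func CardSign(cardPriv ed25519.PrivateKey, nonce []byte) []byte {
	return ed25519.Sign(cardPriv, nonce)
}

// Authorize is the runtime check: validate the keyfile first, then the proof.
func (p *Program) Authorize(k *Keyfile, nonce, proof []byte) error {
	if k.Product != p.Product || len(k.LicenseePub) != ed25519.PublicKeySize ||
		!ed25519.Verify(p.VendorPub, k.signedBody(), k.Signature) {
		return ErrBadKeyfile
	}
	if k.ExpiresUnix != 0 && p.Now().Unix() > k.ExpiresUnix {
		return ErrExpired
	}
	if !ed25519.Verify(k.LicenseePub, nonce, proof) {
		return ErrBadProof
	}
	return nil
}

func main() {
	vendorPub, vendorPriv, _ := ed25519.GenerateKey(nil) // vendor's long-term key
	cardPub, cardPriv, _ := ed25519.GenerateKey(nil)     // key held by the end-user's Virtual Smart Card
	prog := &Program{VendorPub: vendorPub, Product: "example-editor", Now: time.Now}
	keyfile := IssueKeyfile(vendorPriv, cardPub, "example-editor", 0)
	nonce, _ := prog.Challenge()
	fmt.Println("licensed:", prog.Authorize(keyfile, nonce, CardSign(cardPriv, nonce)))
	_, otherPriv, _ := ed25519.GenerateKey(nil)
	fmt.Println("stranger:", prog.Authorize(keyfile, nonce, CardSign(otherPriv, nonce)))
}
```

Because the nonce is fresh per run, a captured signature cannot be replayed to satisfy a later check, and because the keyfile carries only a public key, copying it gives a second machine nothing it can sign with.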

[0065] Some example applications of the Software License and Copy Protection system LCP using Virtual Smart Cards 6 are listed below. 

- Try-Before-Buy: Before purchasing an application, a potential customer obtains a Try-Before-Buy demo. The keyfile for the demo permits limited usage in terms of either functionality or permitted execution period. Hopefully, if the potential customer likes the demo, then the customer subsequently purchases the software. The software vendor connects a VSC Server 8 to the Internet or another network that allows access to many computers. Anyone can connect to the Internet whenever he or she wishes, register with the software vendor, and obtain a unique Virtual Smart Card 6. The vendor downloads a corresponding keyfile to permit the end-user to execute the program. 

- Network PCs and Network Computers: In order to decrease the total cost of ownership of computers, enterprises are beginning to administer machines using a client/server architecture. Each client regularly obtains programs and maintenance services from the central server. The server bears the responsibility of ensuring that each client runs correctly. One can add VSC Server 8 functionality to the central server without any significant increase in overhead because the architecture requires a network connection anyway. 

- Licensed Software Repository: An enterprise's central server stores a collection of copy protected programs. Employees download the programs from the central server onto their machines. If the employee wishes to execute a program, then the employee purchases a keyfile. The enterprise distributes private keys to employees guarded by Virtual Smart Cards 6. 

Network Authentication 

Intranet VSC Server 

[0066] The potential applications of Virtual Smart Cards 6 are not limited to software copy protection. Figure 3 illustrates an enterprise that operates a VSC Server 8 in an intranet 11 behind a firewall 10 which protects the intranet 11 from the Internet 12. The purpose of the architecture is to deploy asymmetric cryptography throughout the enterprise without bearing the cost of smart cards. Some employees have a Personal Computer PC. Each employee can use the services of his or her Virtual Smart Card 6 to authenticate to remote nodes, communicate via secured electronic mail, electronically sign documents, or use copy protected programs. 

[0067] The security of the architecture significantly exceeds the security employed by most enterprises today because of the reduced dependence upon passwords. For most purposes, in lieu of authenticating using a password, an enterprise employee can authenticate using his or her Virtual Smart Card's 6 private key. 
[0068] The weakest point in the architecture is the employee's authentication to the VSC Server 8. Ultimately, the employee must supply his or her password. Nevertheless, one can optionally configure a VSC Server 8 to require additional authentication material, e.g., a properly registered MUK, or coordination with an external authentication method such as the Secure ID system. 

Internet Service Provider VSC Server 8 

[0069] An Internet Service Provider (ISP) is an ideal candidate for operating a VSC Server 8. When one of the ISP's customers connects to the ISP, the customer automatically inserts a Virtual Smart Card 6, and at disconnect time the Virtual Smart Card 6 automatically removes itself. The customer may subsequently execute copy protected programs, securely access network services, and participate in electronic commerce. 
[0070] The ISP can provide the VSC Server 8 using minimal extensions to its existing customer database. With the exception of a little extra processing at customer login time, the Virtual Smart Card 6 service requires no ISP resources. 

Telephony over an Internet Protocol network (H.323) 

[0071] The upcoming trend in enterprise telephony is to replace traditional telephone technology, e.g., PBXs, with a telephone to LAN gateway. Enterprise employees connect their telephones, picture phones, and computers PC to their intranet 11; and a gateway connects the intranet to external networks such as the telephone network, the Internet 12, and Asynchronous Transfer Mode (ATM) networks. 

[0072] A gateway and gatekeeper standard that provides telephony over an Internet Protocol (IP) network is H.323. H.323 defines a gateway that translates IP traffic to and from the telephone network; and H.323 defines a gatekeeper that mediates and helps route traffic through the gateway. Unfortunately, by connecting the intranet to both the telephone network and the Internet, the enterprise unwittingly creates one of the most valuable resources potentially available to a hacker. Consider, for example, a hacker who breaks through the enterprise's Internet firewall 10 and accesses the intranet 11. This hacker may potentially place telephone calls from this intranet 11, thereby building a telephone gateway to the world. 

[0073] Virtual Smart Card 6 technology can provide an important countermeasure to such an attack. By implementing support for asymmetric authentication in the H.323 gateway and gatekeeper, the system can effectively preclude Internet hackers from placing phone calls. The idea is that the hacker cannot obtain a Virtual Smart Card 6 with the required private keys and as a result cannot authenticate to the gateway and gatekeeper. 

Description of Embodiment of Invention 

States 

[0074] Figure 4 illustrates the states of the Virtual Smart Card (VSC) system. When a Virtual Smart Card 6 is created, its state is idle 101. When a Virtual Smart Card owner executes an insert operation 104, the state changes to in-use 102. Also, if the current state is idle 101, the destroy operation 107 changes the state to destroyed 103. When currently in the in-use 102 state, the remove 105 operation and the recover 106 operation change the state to idle 101. Also, when currently in the in-use 102 state, the destroy 107 operation changes the state to destroyed 103. 
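The state machine of Figure 4, combined with the mediation rules the patent gives for insert ([0055], mediation 305) and recover ([0058] to [0060], mediation 902), as an added example that is not code from the patent: a minimal VSC Server record store in Go. The serial number, the `Server`/`record` names and the error values are constructed; channel establishment and authentication are assumed to have already succeeded before any of these methods is called, and the per-serial serialisation the patent requires is not modelled.

```go
package main

import (
	"bytes"
	"errors"
	"fmt"
)

// State of one Virtual Smart Card record in the VSC Server database (Figure 4).
type State int

const (
	Idle      State = iota // 101
	InUse                  // 102
	Destroyed              // 103
)

// record is one database entry; muk is the Machine Unique Key uploaded by the last insert.
type record struct {
	state State
	muk   []byte
}

// Server holds only the mediation logic; a real server would also serialise operations per serial.
type Server struct{ db map[string]*record }

var (
	ErrUnknownSerial = errors.New("unknown serial number")
	ErrBadState      = errors.New("operation not permitted in current state")
	ErrMUKMismatch   = errors.New("MUK differs from the machine of the last insert")
)

func NewServer() *Server { return &Server{db: make(map[string]*record)} }

// Create registers a new card, which starts idle 101.
func (s *Server) Create(serial string) { s.db[serial] = &record{state: Idle} }

// transition looks the record up and lets op decide whether the move is allowed.
func (s *Server) transition(serial string, op func(r *record) error) error {
	if r, ok := s.db[serial]; ok {
		return op(r)
	}
	return ErrUnknownSerial
}

// Insert (104): mediation 305 passes only from idle; the server keeps the uploaded MUK.
func (s *Server) Insert(serial string, muk []byte) error {
	return s.transition(serial, func(r *record) error {
		if r.state != Idle {
			return ErrBadState
		}
		r.muk, r.state = append([]byte(nil), muk...), InUse
		return nil
	})
}

// Remove (105): the card reports that it has shut down after uploading its state.
func (s *Server) Remove(serial string) error {
	return s.transition(serial, func(r *record) error {
		if r.state != InUse {
			return ErrBadState
		}
		r.state = Idle
		return nil
	})
}

// Recover (106): mediation 902 needs in-use, and the MUK must equal the one stored
// at the last insert, so only the machine that lost the card can reset it.
func (s *Server) Recover(serial string, muk []byte) error {
	return s.transition(serial, func(r *record) error {
		if r.state != InUse {
			return ErrBadState
		}
		if !bytes.Equal(r.muk, muk) {
			return ErrMUKMismatch
		}
		r.state = Idle
		return nil
	})
}

// Destroy (107): allowed from idle or in-use; afterwards every request is refused.
func (s *Server) Destroy(serial string) error {
	return s.transition(serial, func(r *record) error {
		if r.state == Destroyed {
			return ErrBadState
		}
		r.state = Destroyed
		return nil
	})
}

func main() {
	srv := NewServer()
	srv.Create("VSC-0001") // constructed serial number
	fmt.Println(srv.Insert("VSC-0001", []byte("muk-A")))  // <nil>
	fmt.Println(srv.Insert("VSC-0001", []byte("muk-B")))  // refused: already in-use
	fmt.Println(srv.Recover("VSC-0001", []byte("muk-B"))) // refused: wrong machine
	fmt.Println(srv.Recover("VSC-0001", []byte("muk-A"))) // <nil>
}
```

The second insert being refused is the duplication check the patent relies on: a copied card image cannot be inserted while the original is in-use, and a machine other than the one of the last insert cannot use recover to clear that state.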

Architecture 

[0075] Figure 5 illustrates the architecture of the Virtual Smart Card system. One or more Virtual Smart Cards attach to a computer network 7. No assumptions are made concerning the security of the computer network 7. A Virtual Smart Card server 8 also connects to the computer network 7. 

[0076] The Virtual Smart Card operations are described below. 

Insert (104 Figure 4): 

[0077] The insert operation 104 illustrated in Figure 6 changes the state from idle 101 to in-use 102. First, the insert operation 104 executes a channel establishment step 301. The channel establishment step 301 establishes a protected channel between the VSC Server 8 and the Virtual Smart Card 6. All subsequent communication between the VSC Server 8 and the Virtual Smart Card 6 is through this protected channel. The authentication step 302 authenticates both the Virtual Smart Card 6 owner and the Virtual Smart Card 6 implementation to the VSC Server 8. If the authentication step fails, then the Virtual Smart Card 6 exits 306 (and does not change the state). If the authentication step succeeds, then the Virtual Smart Card 6 computes a Machine Unique Key (MUK) 303 and uploads the MUK to the VSC Server 8. Next, the Virtual Smart Card 6 grabs an exclusive machine lock 304. Next the Virtual Smart Card 6 requests mediation 305. If the mediation 305 fails, then the Virtual Smart Card 6 exits 306 (and does not change the state). Otherwise, the VSC Server 8 sets the state of the Virtual Smart Card 6 to in-use 102. Upon receipt of a positive acknowledgment from the VSC Server, the Virtual Smart Card 6 enables itself for future use. 

Channel Establishment (301 Figure 6): 

[0078] As shown in Figure 7 the VSC Server 8 has an asymmetric private key 401 that the VSC Server 8 keeps confidential. The VSC Server 8 publishes the corresponding public key 404 to everyone. The VSC Server 8 generates a random number, r1 402, and sends r1 402 to the Virtual Smart Card 6. The Virtual Smart Card 6 generates a second random number r2. The Virtual Smart Card 6 generates two additional random numbers used as session keys, s1 and s2. The Virtual Smart Card 6 encrypts r1, r2, s1, and s2 using the public key 404. The Virtual Smart Card 6 sends r2 and the encrypted result to the VSC Server 8. Neither the VSC Server 8 nor the Virtual Smart Card 6 discloses s1 or s2 to other parties. Until the Virtual Smart Card 6 exits, all subsequent communications are encrypted using a symmetric encryption algorithm, e.g., DES, using the session key s1. Furthermore, all communications are hashed (e.g., MD5) together with session key s2. The recipient validates by re-computing the hash. The purpose of the hash is to ensure that no attacker modified the communication in transit. 
[0079] Note that in lieu of the protocol described above, one can potentially substitute SSL or some other appropriate transport layer security protocol. 
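The channel establishment of Figure 7 with both sides' messages, as an added example that is not code from the patent: the server sends r1, the card answers with r2 and the public-key encryption of r1||r2||s1||s2, the server decrypts and checks that the r1 inside is the one it sent and that the r2 inside matches the r2 sent in clear, and every later message is DES-encrypted under s1 and tagged under s2. Assumptions made here: RSA-2048 with OAEP for "encrypts using the public key", 16-byte r1/r2, an 8-byte s1 (DES key size) and 16-byte s2, CBC mode with PKCS#7 padding, and HMAC-MD5 as the reading of "hashed together with session key s2"; DES and MD5 are kept only because the page names them.

```go
package main

import (
	"bytes"
	"crypto/cipher"
	"crypto/des"
	"crypto/hmac"
	"crypto/md5"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"crypto/subtle"
	"errors"
	"fmt"
)

// Session keys from step 301: s1 encrypts (DES takes an 8-byte key), s2 keys the integrity tag.
type Session struct{ S1, S2 []byte }

// random returns n bytes from the OS RNG; RNG failure is treated as fatal.
func random(n int) []byte {
	b := make([]byte, n)
	if _, err := rand.Read(b); err != nil {
		panic(err)
	}
	return b
}

// ServerHello is step 402: the VSC Server 8 opens with a fresh random r1.
func ServerHello() []byte { return random(16) }

// CardResponse is the Virtual Smart Card 6 side: choose r2, s1, s2; encrypt r1||r2||s1||s2
// under public key 404 (RSA-OAEP is this example's choice); send r2 plus the ciphertext.
func CardResponse(pub *rsa.PublicKey, r1 []byte) (r2, ct []byte, sess *Session, err error) {
	r2, sess = random(16), &Session{S1: random(8), S2: random(16)}
	plain := bytes.Join([][]byte{r1, r2, sess.S1, sess.S2}, nil)
	ct, err = rsa.EncryptOAEP(sha256.New(), rand.Reader, pub, plain, nil)
	return r2, ct, sess, err
}

// ServerAccept decrypts with private key 401 and checks that the r1 inside is the one it
// sent (freshness) and that the r2 inside equals the cleartext r2 (binding) before using s1, s2.
func ServerAccept(priv *rsa.PrivateKey, r1, r2, ct []byte) (*Session, error) {
	plain, err := rsa.DecryptOAEP(sha256.New(), rand.Reader, priv, ct, nil)
	if err != nil || len(plain) != 16+16+8+16 ||
		subtle.ConstantTimeCompare(plain[:16], r1) != 1 ||
		subtle.ConstantTimeCompare(plain[16:32], r2) != 1 {
		return nil, errors.New("key exchange rejected")
	}
	return &Session{S1: plain[32:40], S2: plain[40:56]}, nil
}

// Seal: DES-CBC under s1 with a random IV and PKCS#7 padding, then an HMAC-MD5 tag under s2
// over IV||ciphertext.
func (s *Session) Seal(msg []byte) ([]byte, error) {
	block, err := des.NewCipher(s.S1)
	if err != nil {
		return nil, err
	}
	pad := des.BlockSize - len(msg)%des.BlockSize
	padded := append(append([]byte{}, msg...), bytes.Repeat([]byte{byte(pad)}, pad)...)
	out := append(random(des.BlockSize), make([]byte, len(padded))...)
	cipher.NewCBCEncrypter(block, out[:des.BlockSize]).CryptBlocks(out[des.BlockSize:], padded)
	mac := hmac.New(md5.New, s.S2)
	mac.Write(out)
	return mac.Sum(out), nil
}

// Open verifies the tag before decrypting, so a modified message is rejected unread.
func (s *Session) Open(sealed []byte) ([]byte, error) {
	if len(sealed) < md5.Size+2*des.BlockSize || (len(sealed)-md5.Size)%des.BlockSize != 0 {
		return nil, errors.New("malformed message")
	}
	body, tag := sealed[:len(sealed)-md5.Size], sealed[len(sealed)-md5.Size:]
	mac := hmac.New(md5.New, s.S2)
	mac.Write(body)
	if !hmac.Equal(mac.Sum(nil), tag) {
		return nil, errors.New("integrity check failed")
	}
	block, err := des.NewCipher(s.S1)
	if err != nil {
		return nil, err
	}
	plain := make([]byte, len(body)-des.BlockSize)
	cipher.NewCBCDecrypter(block, body[:des.BlockSize]).CryptBlocks(plain, body[des.BlockSize:])
	if pad := int(plain[len(plain)-1]); pad >= 1 && pad <= des.BlockSize {
		return plain[:len(plain)-pad], nil
	}
	return nil, errors.New("bad padding")
}

func main() {
	priv, _ := rsa.GenerateKey(rand.Reader, 2048)
	r1 := ServerHello()
	r2, ct, card, _ := CardResponse(&priv.PublicKey, r1)
	server, err := ServerAccept(priv, r1, r2, ct)
	if err != nil {
		panic(err)
	}
	sealed, _ := card.Seal([]byte("insert request, serial VSC-0001")) // constructed message
	plain, err := server.Open(sealed)
	fmt.Printf("%q %v\n", plain, err)
}
```

The r1 check is what stops a recorded card response from being replayed against a later server hello; without it an attacker who captured one exchange could force the server back onto old session keys.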

30 

Insert request (309 Figure 6): 

[0080] The Virtual Smart Card 6 sends a message to the VSC Server 8 requesting an insert operation. 

Authentication (302 Figure 6) 

[0081] As shown in Figure 8 the Virtual Smart Card 6 sends its unique serial number 508 to the VSC Server 8. The VSC Server rejects any other operations (insert, remove, recover, destroy) with this same serial number until this entire insert operation 104 exits. Upon exit this insert operation either does not change the state or changes the state to in-use. 

[0082] Authentication 302 requires the Virtual Smart Card 6 owner to authenticate him or herself using at least one method 501. 

[0083] However, the system may additionally implement two or more independent methods (represented by 502). The Virtual Smart Card 6 authenticates its own implementation (distinct from the owner's authentication) 503. The Virtual Smart Card 6 may optionally authenticate its implementation using additional independent methods 504. 

[0084] The VSC Server 8 mediates to ensure that all authentications are successful 505. If any authentication fails, then the VSC Server returns a failure and does not change the state. Otherwise, the VSC Server 8 returns a success code and continues processing the insert operation 104. 

User Authentication (501 Figure 8) 

[0085] Multiple mechanisms exist for authorizing a user (smart card owner). One such mechanism is illustrated in Figure 9. The smart card owner enters a password 601 (a confidential string). The Virtual Smart Card 6 program extracts a confidential value called SALT 602 from its own executable. All Virtual Smart Card 6 programs have the same SALT 602. The Virtual Smart Card 6 program computes 603 the MD5 hash algorithm over the password 601 and the SALT 602. The result is a 128 bit value. The Virtual Smart Card 6 program extracts the first 64 bits and names these bits the authentication key 604. The Virtual Smart Card 6 program extracts the second 64 bits and names these bits the protection key 605. 

[0086] The Virtual Smart Card authenticates the smart card owner by proving to the VSC Server that the Virtual Smart Card knows the authentication key. The simplest such "proof" is to simply send the authentication key to the VSC Server. Since the communication channel is protected 301, one need not be concerned with an intruder who listens for passwords. The VSC Server simply validates the authentication key against its internal table. More complex password authentication schemes also exist [Menezes, A., Oorschot, P., and Vanstone, S., Handbook of Applied Cryptography, CRC Press, Boca Raton 1996]. 

Implementation Authentication (503 Figure 8) 

[0087] Multiple mechanisms exist for authenticating the Virtual Smart Card's implementation. One such mechanism is illustrated in Figure 10. The VSC Server 8 generates a new, unique random number ri1 701. The VSC Server 8 sends ri1 701 to the Virtual Smart Card 6. The Virtual Smart Card 6 has a confidential Master Key 702 embedded within the Virtual Smart Card 6 executable image. All Virtual Smart Cards 6 have the same Master Key 702 embedded within their own executable. The Virtual Smart Card 6 generates a new, unique random number ri2 704. The Virtual Smart Card 6 computes the hash, e.g., MD5, of ri1 701, ri2 704, and Master Key 702. The Virtual Smart Card 6 returns ri2 704 and the result of the hash to the VSC Server. The VSC Server 8 recomputes the hash using ri1 701 and ri2 704. If the recomputed hash matches the value returned by the Virtual Smart Card 6 then the authentication step succeeds. This authentication step proves to the VSC Server that the Virtual Smart Card knows the Master Key. An attacker cannot build a rogue implementation of a Virtual Smart Card without first disassembling a Virtual Smart Card and discovering the Master Key. 
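The two authentication steps of Figures 9 and 10, as an added example that is not code from the patent: the key derivation of steps 603 to 605 (MD5 over password and SALT, first 64 bits as authentication key, second 64 bits as protection key), the server-side table check of step 501, and the Master Key challenge-response of step 503. The SALT and Master Key values, the serial number, the password and the `UserTable` name are constructed placeholders; 16-byte ri1/ri2 and constant-time comparisons are choices made here, and MD5 appears because the page names it.

```go
package main

import (
	"crypto/md5"
	"crypto/rand"
	"crypto/subtle"
	"fmt"
)

// SALT 602 and Master Key 702 are embedded in every Virtual Smart Card executable
// and shared by all of them. Constructed placeholder values for this example.
var (
	salt      = []byte("example-salt-602")
	masterKey = []byte("example-master-key-702")
)

// DeriveKeys is steps 603 to 605 of Figure 9: MD5(password || SALT) gives 128 bits;
// the first 64 become the authentication key 604, the second 64 the protection
// key 605. Only the authentication key is ever sent to the server.
func DeriveKeys(password string) (authKey, protKey [8]byte) {
	h := md5.New()
	h.Write([]byte(password))
	h.Write(salt)
	sum := h.Sum(nil)
	copy(authKey[:], sum[:8])
	copy(protKey[:], sum[8:])
	return authKey, protKey
}

// UserTable is the VSC Server's internal table: serial number -> authentication key.
type UserTable map[string][8]byte

// Enroll records a card owner's authentication key; the protection key is discarded.
func (t UserTable) Enroll(serial, password string) {
	ak, _ := DeriveKeys(password)
	t[serial] = ak
}

// CheckUser validates the key presented over the protected channel (step 501),
// comparing in constant time so the comparison itself leaks nothing.
func (t UserTable) CheckUser(serial string, presented [8]byte) bool {
	stored, ok := t[serial]
	return ok && subtle.ConstantTimeCompare(stored[:], presented[:]) == 1
}

// ImplChallenge is server step 701 of Figure 10: a fresh random ri1, never reused.
func ImplChallenge() ([]byte, error) {
	ri1 := make([]byte, 16)
	_, err := rand.Read(ri1)
	return ri1, err
}

// implHash is MD5 over ri1 || ri2 || Master Key, computed identically by both sides.
func implHash(ri1, ri2 []byte) []byte {
	h := md5.New()
	h.Write(ri1)
	h.Write(ri2)
	h.Write(masterKey)
	return h.Sum(nil)
}

// ImplRespond is the card side: choose ri2 704 and answer with ri2 and the hash.
func ImplRespond(ri1 []byte) (ri2, proof []byte, err error) {
	ri2 = make([]byte, 16)
	if _, err = rand.Read(ri2); err != nil {
		return nil, nil, err
	}
	return ri2, implHash(ri1, ri2), nil
}

// ImplVerify is the server side: recompute with its own Master Key and compare.
func ImplVerify(ri1, ri2, proof []byte) bool {
	return subtle.ConstantTimeCompare(implHash(ri1, ri2), proof) == 1
}

func main() {
	users := UserTable{}
	users.Enroll("VSC-0001", "correct horse battery") // constructed serial and password
	ak, _ := DeriveKeys("correct horse battery")
	fmt.Println("user ok:", users.CheckUser("VSC-0001", ak))
	ri1, _ := ImplChallenge()
	ri2, proof, _ := ImplRespond(ri1)
	fmt.Println("implementation ok:", ImplVerify(ri1, ri2, proof))
}
```

Two properties of the page's design are visible in the code: the server's table holds the first half of the hash only, so a server compromise does not yield the protection key that decrypts the stored information, and a captured implementation-authentication response is useless against a later challenge because ri1 changes every time.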



Machine Unique Key MUK (303 Figure 6): 

[0088] The Virtual Smart Card 6 computes a machine unique key (MUK) 303 of its local machine. First the Virtual Smart Card 6 extracts the following values from its machine: the network address, the machine's name, the currently logged in user (if applicable), and the number of sectors on each fixed drive. The MUK 303 is the hash of all of the extracted information. 

Machine Lock (304 Figure 6): 

[0089] The Virtual Smart Card 6 opens a well-known path for exclusive access in the local machine's registry. The registry is a resource available in Windows 95™ or Windows NT™ with separately identified items. The same well-known path is hardcoded into every implementation of a Virtual Smart Card 6 program. Only one Virtual Smart Card 6 program at a time can open the path for exclusive access. 

[0090] One may implement a Virtual Smart Card 6 to execute on a machine other than Windows 95™ or Windows NT™. In this case, in lieu of the registry, the Virtual Smart Card 6 obtains exclusive access to some other well-known resource, e.g., a file. The idea is that the well-known resource helps cooperating Virtual Smart Cards 6 ensure that only one Virtual Smart Card 6 executes on a machine at a time. 

Mediation (305 Figure 6): 

[0091] The VSC Server 8 looks up the Virtual Smart Card 6 in the VSC Server's 8 database using the Serial Number provided during Authentication 302. If the state of the Virtual Smart Card 6 is not idle then the VSC Server 8 refuses the request and returns a negative acknowledgment. The Virtual Smart Card 6 then exits. 
[0092] If the state of the Virtual Smart Card 6 is idle, then mediation succeeds and the VSC Server 8 proceeds to setting the state of the Virtual Smart Card 6 to in-use 307. 

Set state to in-use (307 Figure 6): 

[0093] The VSC Server 8 updates the record in the VSC Server's database for the Virtual Smart Card 6 by setting the state to in-use. 

Enable and download (308 Figure 6): 

[0094] The VSC Server 8 returns a positive acknowledgment and the Virtual Smart Card 6 begins servicing its owner. The VSC Server 8 also downloads information that is protected using the protection key 605. The Virtual Smart Card 6 uses the protection key 605 to decrypt. Subsequently, the Virtual Smart Card 6 can access the protected information. 
Remove (105 Figure 4): 

[0095] As shown in Figure 11, first the Virtual Smart Card 6 disables itself 801. Once disabled, the Virtual Smart Card 6 provides no services to its owner (other than completing the remove operation 105). First, the Virtual Smart Card 6 establishes a protected channel 301 with the VSC Server. The communication required for the remainder of the recover operation 106 passes through the protected channel. Second, the Virtual Smart Card 6 sends a remove request and the Virtual Smart Card's serial number to the VSC Server. The VSC Server rejects any other operations (insert, remove, recover, destroy) with this same serial number until this entire Remove operation 105 exits. The Virtual Smart Card 6 extracts its own protected information and encrypts 803 the information using its protection key 605. The Virtual Smart Card 6 uploads 804 the encrypted, protected information to the VSC Server 8. The Virtual Smart Card 6 releases 805 the machine lock 304. The Virtual Smart Card 6 sends a request for removal 806 through the protected channel 301. The VSC Server 8 sets the state of the Virtual Smart Card 6 to idle 101. 

Recover (106 Figure 4) 

[0096] The recover operation is illustrated in Figure 12. The Virtual Smart Card 6 first establishes a protected channel 301. The communication required for the remainder of the recover operation 106 passes through the protected channel. The Virtual Smart Card 6 sends a recover message 901 to the VSC Server. The Virtual Smart Card 6 sends the Virtual Smart Card's serial number to the VSC Server. The VSC Server rejects any other operations (insert, remove, recover, destroy) with this same serial number until this entire Remove operation 105 exits. The recover operation 106 performs authentication 302. If the authentication fails, then the recover operation 106 exits 306 leaving the state unchanged. If the authentication 302 succeeds, then the Virtual Smart Card 6 uploads the MUK 303. Next, the Virtual Smart Card 6 grabs the Machine Lock 304. Next, the Virtual Smart Card 6 requests that the VSC Server 8 perform mediation 902. If the mediation 902 fails, then the Virtual Smart Card 6 releases the machine lock 904 and exits leaving the state unchanged. If the mediation 902 succeeds, then the VSC Server 8 sets 903 the state of the Virtual Smart Card 6 to idle 101. The Virtual Smart Card 6 then releases the machine lock 904 and exits. At this point, the state of the Virtual Smart Card 6 is suitable for executing an insert 104 operation. 

Mediation 902 

[0097] The VSC Server 8 looks up the Virtual Smart Card 6 in the VSC Server's 8 database using the Serial Number provided during Authentication 302. If the state of the Virtual Smart Card 6 is not in-use then the VSC Server 8 refuses the request and returns a negative acknowledgment leaving the state unchanged. The Virtual Smart Card 6 then exits. 

Destroy (107 Figure 4) 

[0098] The Virtual Smart Card 6 first establishes a protected channel 301. The communication required for the remainder of the Destroy operation 107 passes through the protected channel. The Virtual Smart Card 6 sends a destroy message to the VSC Server. The Virtual Smart Card 6 sends the Virtual Smart Card's serial number to the VSC Server. The VSC Server rejects any other operations (insert, remove, recover, destroy) with this same serial number until this entire Destroy operation exits. The VSC Server 8 marks a Virtual Smart Card 6 as destroyed. The VSC Server 8 refuses to process any further insert, remove, or recover requests for the destroyed Virtual Smart Card 6. 

Virtual Smart Card Internals 

[0099] As shown in Figure 13, in the enable and download step 308 of the insert operation 104, the Virtual Smart Card 6 obtains protected information. The Virtual Smart Card 6 stores this protected information in a manner that cannot be manipulated or discovered. Even the Virtual Smart Card's owner cannot access the protected information through any vehicle other than the Virtual Smart Card's interface. 
[0100] Through the protected channel 301, the VSC Server 8 downloads protected information 308 to the Virtual Smart Card 6. The Virtual Smart Card 6 generates 1002 a new, unique symmetric key called temp. The Virtual Smart Card 6 decrypts 1003 the protected information obtained from the VSC Server 8 using the protection key 605 derived from the Virtual Smart Card 6 owner's password 601. The Virtual Smart Card 6 encrypts 1004 the protected information using the temporary 1002 symmetric encryption key. The Virtual Smart Card 6 writes 1005 zeros over the memory that holds the cleartext images of the protected information. The Virtual Smart Card 6 stores 1006 the protected information (encrypted with temp 1002) in wired, virtual memory. The Virtual Smart Card 6 writes zeros over any other locations that store the (encrypted) protected information. If the Virtual Smart Card 6 owner requests 1007 to perform the remove operation 105, then the Virtual Smart Card 6 performs the remove operation 105. Otherwise, if the Virtual Smart Card 6 owner requests processing that uses the protected information, then the Virtual Smart Card 6 decrypts 1008 the protected information and stores the result internally. Next, the Virtual Smart Card 6 performs the requested operation 1009. If the processing did not update the protected information, then the Virtual Smart Card 6 zeros out the plaintext image of the protected information 1011. Otherwise, if the processing updated the protected information, then the Virtual Smart Card 6 encrypts 1012 the new version of the protected information using temp. The Virtual Smart Card 6 overwrites the old version of the protected information. 
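The in-memory handling of Figure 13, as an added example that is not code from the patent: decrypt the download with the protection key, re-encrypt it at once under a fresh per-session key temp, zero the cleartext, and on every use decrypt only for the duration of the operation, re-encrypting if the operation changed the information; remove re-encrypts under the protection key for upload and wipes the session. The same pattern serves the Dongle variant of [0110], with the Master Key in place of the protection key. Assumptions made here: AES-GCM as the symmetric algorithm (the page leaves it open), 16-byte keys (the page's protection key is 64 bits), the `Card` name and a constructed "rental counter" as the protected information; pinning the buffers in wired memory (step 1006) is outside what this code does.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"errors"
	"fmt"
)

// AES-GCM is this example's choice of symmetric algorithm; the page leaves it open.
func gcmFor(key []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// sealGCM encrypts under key with a fresh nonce prepended to the output.
func sealGCM(key, plain []byte) ([]byte, error) {
	gcm, err := gcmFor(key)
	if err != nil {
		return nil, err
	}
	nonce := make([]byte, gcm.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		return nil, err
	}
	return gcm.Seal(nonce, nonce, plain, nil), nil
}

// openGCM authenticates and decrypts; a wrong key or a modified ciphertext fails.
func openGCM(key, sealed []byte) ([]byte, error) {
	gcm, err := gcmFor(key)
	if err != nil || len(sealed) < gcm.NonceSize() {
		return nil, errors.New("cannot open protected information")
	}
	return gcm.Open(nil, sealed[:gcm.NonceSize()], sealed[gcm.NonceSize():], nil)
}

// Card keeps the protected information only under the per-session key temp 1002.
type Card struct{ temp, protected []byte }

// Insert is steps 1002 to 1006 of Figure 13: make temp, decrypt the download with the
// protection key 605, re-encrypt under temp, and wipe the cleartext (step 1005).
func Insert(protectionKey, download []byte) (*Card, error) {
	temp := make([]byte, 16)
	if _, err := rand.Read(temp); err != nil {
		return nil, err
	}
	plain, err := openGCM(protectionKey, download)
	if err != nil {
		return nil, err
	}
	defer clear(plain) // builtin clear zeroes the slice (Go 1.21+)
	enc, err := sealGCM(temp, plain)
	if err != nil {
		return nil, err
	}
	return &Card{temp: temp, protected: enc}, nil
}

// Use is steps 1008 to 1012: decrypt, run op, then wipe the plaintext (1011) or, if op
// changed it, re-encrypt the new value under temp and replace the old image (1012).
func (c *Card) Use(op func(info []byte) (updated []byte, changed bool)) error {
	plain, err := openGCM(c.temp, c.protected)
	if err != nil {
		return err
	}
	defer clear(plain)
	updated, changed := op(plain)
	if !changed {
		return nil
	}
	defer clear(updated)
	enc, err := sealGCM(c.temp, updated)
	if err != nil {
		return err
	}
	c.protected = enc
	return nil
}

// Remove is steps 803 and 804 plus the final zeroing of [0057]: re-encrypt for upload
// under the protection key, then wipe temp and the in-memory image so later Use calls fail.
func (c *Card) Remove(protectionKey []byte) ([]byte, error) {
	plain, err := openGCM(c.temp, c.protected)
	if err != nil {
		return nil, err
	}
	defer clear(plain)
	upload, err := sealGCM(protectionKey, plain)
	clear(c.temp)
	clear(c.protected)
	c.temp, c.protected = nil, nil
	return upload, err
}

func main() {
	key := []byte("0123456789abcdef")                      // constructed 16-byte protection key
	download, _ := sealGCM(key, []byte("rental-counter=5")) // constructed download from the server
	card, _ := Insert(key, download)
	upload, _ := card.Remove(key)
	plain, _ := openGCM(key, upload)
	fmt.Printf("%q\n", plain)
}
```

The point of the second encryption layer is exposure time: between operations neither the password-derived protection key nor a cleartext copy exists in the process, only temp and a ciphertext, so a memory snapshot taken while the card is idle yields nothing usable without also capturing temp.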

[0101] In the following, some modifications are described. 

Copying 

[0102] The administrator of the VSC Server 8 can potentially make multiple copies of a single Virtual Smart Card 6. The administrator simply builds entries in its database for new Virtual Smart Cards 6 but copies the same information in each entry. 

Implementation not requiring a VSC Server 

[0103] In Figure 1, the Virtual Smart Card Reader 5 communicates with the VSC Server via the Network. However, one may potentially change the architecture such that the Virtual Smart Card Reader 5 does not communicate with the VSC Server 8 via the Network. Instead, the Smart Card Service Provider 2, the Smart Card Resource Manager 3, the Reader Helper Driver 4, or the Virtual Smart Card Reader Driver 9 could potentially communicate with the VSC Server 8 via the network while providing the same network services as described in the embodiment of the invention. 
[0104] Figure 15 illustrates an alternative implementation of the Virtual Smart Card 6. This implementation does not require a VSC Server 8. 
[0105] Instead of communicating with the Virtual Smart Card Server 8, the Virtual Smart Card Reader 5 communicates with duplication-protected physical media, e.g., a Dongle 1101. A duplication protected physical media 1101 has the property that it is exceedingly difficult for an unauthorized attacker to construct a copy of the media 1101. The Virtual Smart Card 6 is a copy protected program that executes only if permitted by the Dongle 1101. If the end-user attaches the Dongle 1101 to the machine, then the Virtual Smart Card 6 executes; otherwise, the Virtual Smart Card 6 stops. 
[0106] The states and state transitions of the Virtual Smart Card 6 are illustrated and described in relation to Figure 4. 

Idle 101: The Virtual Smart Card 6 does not execute. The Virtual Smart Card 6 cannot validate the Dongle 1101. Possibly, the Dongle 1101 is not currently installed. 

In-Use 102: The Virtual Smart Card 6 is executing. The Virtual Smart Card 6 periodically communicates with the attached Dongle 1101 as illustrated and described in relation to Figure 14. 

Destroyed 103: The Dongle 1101 that authorizes a machine's Virtual Smart Card 6 has been destroyed or lost. 

[0107] The operations of the Virtual Smart Card 6 are described below: 

Insert 104: The end-user attaches the Dongle 1101 and boots the Virtual Smart Card 6 program. The Virtual Smart Card 6 program does not operate unless the Virtual Smart Card 6 program can validate that the Dongle 1101 is present. The state of the Virtual Smart Card 6 is in-use 102 after the Virtual Smart Card 6 detects the Dongle 1101. This state is not explicitly recorded as in the case with the VSC Server 8. 

Remove 105: The Dongle 1101 fails to authorize the Virtual Smart Card 6. For example, the end-user either removes the Dongle 1101, or the Virtual Smart Card 6 shuts down. The state is idle 101 after the Dongle 1101 is removed. 

Recover 106: If the end-user loses his or her Dongle 1101, then the end-user can request a replacement from the Dongle 1101 issuing authority. Presumably, the authority that first placed the encryption key on the Dongle 1101 remembers the Dongle's key. The state is idle 101 once the end-user obtains a new Dongle 1101. 

Destroy 107: The Dongle 1101 is lost or physically destroyed. The state is Destroyed 103 after the Dongle 1101 is physically lost or destroyed. 

[0108] When the Virtual Smart Card 6 is idle 101, the Dongle 1101 stores the protected information. The Dongle 1101 has two storage locations. The first storage location stores the Dongle 1101 key (see Figure 14) and the second storage location has the protected information. 

[0109] The protected information is encrypted using a symmetric encryption key called VSC-Key. When the Virtual Smart Card 6 boots, the Virtual Smart Card 6 executes the insert operation. Upon successful completion of the insert operation, the Virtual Smart Card 6 enters the in-use 102 state. 

[0110] When the Virtual Smart Card 6 is in the in-use 102 state, the Virtual Smart Card 6 obtains protected information. Normally, the Virtual Smart Card 6 stores this protected information on the Dongle 1101 in encrypted form. When the Virtual Smart Card 6 wishes to obtain the protected information, the Virtual Smart Card 6 retrieves the protected information from the Dongle 1101. The Virtual Smart Card 6 uses a Master key to decrypt the protected information. The Master key is hardcoded into the Virtual Smart Card's 6 executable image. The Virtual Smart Card 6 stores its protected information in encrypted, wired memory. 
[0111] Whereas the present invention has been described with respect to specific embodiments thereof, it is intended to encompass such changes and modifications as fall within the scope of the appended claims. 

Claims 

tual Smart Card is lost. 

8. Use of a Virtual Smart Card System of claims 1 to 7 for license and copy protection (LCP). 

9. Use of a Virtual Smart Card System of claims 1 to 7 for Internet authentication. 

10. Virtual Smart Card System for data processing facilities with duplication-protected physical media (1101) administrating Virtual Smart Card specific records, connections allowing confidential data exchange and computers running a secure operating system, processing the following steps: 

- Virtual Smart Card program sends an insert information to the duplication-protected physical media (1101); 
- duplication-protected physical media (1101) sends protected information to the Virtual Smart Card; 
- Virtual Smart Card generates a new temporary key; 
- Virtual Smart Card decrypts the protected information using an owner's password; 
- Virtual Smart Card encrypts the protected information using the temporary key; 
- Virtual Smart Card operates like a real smart card; 
- Virtual Smart Card sends a remove information to the duplication-protected physical media (1101) and erases all protected information of the session. 

1. Virtual Smart Card System for data processing networks with server computers administrating Virtual Smart Card specific records, network connections allowing confidential data exchange and client computers running a secure operating system, processing the following steps: 

- Virtual Smart Card program sends an insert information to the Virtual Smart Card (VSC) Server; 
- VSC Server sends protected information to the Virtual Smart Card; 
- Virtual Smart Card generates a new temporary key; 
- Virtual Smart Card decrypts the protected information using an owner's password; 
- Virtual Smart Card encrypts the protected information using the temporary key; 
- Virtual Smart Card operates like a real smart card; 
- Virtual Smart Card sends a remove information to the Virtual Smart Card Server and erases all protected information of the session. 

2. The Virtual Smart Card System of claim 1 wherein the insert information contains an authentication procedure. 

3. The Virtual Smart Card System of claims 1 to 2 wherein the protected information comprises almost one of the following informations: a private key used for digital signatures, decryption, key management, etc.; counters used in software rental applications, and confidential information. 

4. The Virtual Smart Card System of claims 1 to 3 wherein the temporary key is a symmetric key. 

5. The Virtual Smart Card System of claims 1 to 4 wherein the user authentication mechanism aug-
mented with a reader-less auttientication dence. 

50 

6. The Virtual Smart Card System of claims 1 to 5 
wherein the Virtual Smart Card decrypts the pro- 
tected information if processing as required and re- 
encrypts the protected information if the processing 
has nrxxiified it. 55 

7. The Virtual Smart Card System of claims 1 to 6 
wh rein a recover process can be started if the Vir- 
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
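The insert / in-use / remove procedure of claims 1 and 10, together with the encrypted storage of [0109] and [0110] and the decrypt-for-processing, re-encrypt-if-modified rule of claim 6, as an added example in Python. This is a constructed illustration, not code from the patent or from any Virtual Smart Card product, and every concrete choice in it is an assumption of the example: the names VscServer, VirtualSmartCard, password_key and demo_session; PBKDF2 as the step that turns the owner's password into the key protecting the stored information; an HMAC-SHA256 counter-mode keystream with an HMAC tag as a stand-in for a real authenticated cipher such as AES-GCM; and an HMAC as a stand-in for the private-key signature a card would produce. The sample password and protected record are constructed.

```python
# Added example, not the patent's code; the cipher, KDF and "signature" are stand-ins.
import hashlib, hmac, json, secrets, struct


def _keystream(key, nonce, length):
    # HMAC-SHA256 as a PRF in counter mode (stand-in for AES-CTR)
    blocks = (hmac.new(key, nonce + struct.pack(">Q", i), hashlib.sha256).digest()
              for i in range((length + 31) // 32))
    return b"".join(blocks)[:length]


def encrypt(key, plaintext):
    # Encrypt-then-MAC under separate sub-keys; output is nonce || ciphertext || tag
    nonce = secrets.token_bytes(16)
    ct = bytes(p ^ k for p, k in zip(plaintext, _keystream(key + b"enc", nonce, len(plaintext))))
    return nonce + ct + hmac.new(key + b"mac", nonce + ct, hashlib.sha256).digest()


def decrypt(key, blob):
    # Verify the tag first: a wrong password key or a tampered blob raises ValueError
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(tag, hmac.new(key + b"mac", nonce + ct, hashlib.sha256).digest()):
        raise ValueError("protected information failed authentication")
    return bytes(c ^ k for c, k in zip(ct, _keystream(key + b"enc", nonce, len(ct))))


def password_key(password, salt):
    # Owner's password -> key under which the stored protected information is kept
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)


class VscServer:
    # Stand-in for the VSC Server (claim 1) or the dongle (claim 10): it holds the
    # protected information only in encrypted form and logs insert/remove messages
    def __init__(self, owner_password, record):
        self.salt = secrets.token_bytes(16)
        self.blob = encrypt(password_key(owner_password, self.salt), json.dumps(record).encode())
        self.log = []

    def insert(self, card_id):
        self.log.append(("insert", card_id))
        return self.blob

    def remove(self, card_id):
        self.log.append(("remove", card_id))


class VirtualSmartCard:
    def __init__(self, card_id):
        self.card_id = card_id
        self.state = "not-in-use"
        self._session_key = None   # temporary key: exists only while the card is in use
        self._wired_memory = None  # protected information, encrypted under the session key

    def insert(self, server, owner_password):
        blob = server.insert(self.card_id)                                # steps 1-2
        self._session_key = secrets.token_bytes(32)                       # step 3
        plain = decrypt(password_key(owner_password, server.salt), blob)  # step 4
        self._wired_memory = encrypt(self._session_key, plain)            # step 5
        self.state = "in-use"

    def _load(self):
        if self.state != "in-use":
            raise RuntimeError("card is not in the in-use state")
        return json.loads(decrypt(self._session_key, self._wired_memory))

    def sign(self, message):
        # Step 6: operate like a real card; the private key is in the clear only for this call
        return hmac.new(bytes.fromhex(self._load()["private_key"]), message, hashlib.sha256).digest()

    def consume_rental(self):
        # Claim 6: decrypt for processing and re-encrypt because the counter was modified
        record = self._load()
        if record["rental_counter"] <= 0:
            raise RuntimeError("rental counter exhausted")
        record["rental_counter"] -= 1
        self._wired_memory = encrypt(self._session_key, json.dumps(record).encode())
        return record["rental_counter"]

    def remove(self, server):
        # Step 7: send the remove information and erase every secret of the session
        server.remove(self.card_id)
        self._session_key = self._wired_memory = None
        self.state = "not-in-use"


def demo_session():
    # One insert / use / remove cycle on constructed sample data
    record = {"private_key": secrets.token_bytes(32).hex(), "rental_counter": 3}
    server = VscServer("correct horse battery staple", record)
    card = VirtualSmartCard("vsc-demo-1")
    card.insert(server, "correct horse battery staple")
    signature = card.sign(b"hello")
    remaining = card.consume_rental()
    card.remove(server)
    return {"signature": signature, "remaining_rentals": remaining, "state": card.state,
            "server_log": server.log, "card": card, "server": server}
```

Two points the code makes concrete. The password-derived key is used once, to unwrap the record on insert, and is not retained; the fresh temporary key lives only in the card's memory and is erased on remove together with the re-encrypted record, so nothing from the session survives it, and a wrong owner password is rejected by the authentication tag before any plaintext exists rather than producing garbage the card might operate on. The example deliberately has no analogue of the Master key that [0110] hardcodes into the executable image: a key embedded in an executable is available to anyone who can read that image, so protected information kept on the dongle under it is only as confidential as the image itself.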